CLAIMS 

1 . A traffic manager for facilitating communication between a client node and a 
server node in a distributed computing environment, the server node having a first 
interface associated therewith, the traffic manager comprising a central processing 
unit which is operable to: 

communicate with the server node via the first interface, 

generate and publish at least a second interface corresponding to the first 

interface according to at least one policy, and 

communicate with the client node via the second interface, thereby allowing 

the client node to access at least one service on the server node in accordance with 

the at least one policy. 

2. The traffic manager of claim 1 , wherein the first and second interfaces 
comprises Simple Object Access Protocol (SOAP) interfaces. 

3. The traffic manager of claim 2, wherein the SOAP interfaces employ 
Extensible Markup Language (XML). 

4. The traffic manager of claim 2, wherein each of the first and second interfaces 
has a description language file associated therewith defining the associated 
interface. 

5. The traffic manager of claim 1 , wherein the first interface corresponds to one 
of HTTP, TCP, HTTPS, HTTPR, and MQ. 

6. The traffic manager of claim 1 , wherein the distributed computing environment 
includes a network corresponding to a single enterprise including the server node, 
and wherein the client node is external to the network. 

7. The traffic manager of claim 1 , wherein the distributed computing environment 
Includes a network corresponding to a single enterprise and including both the client 
and server nodes. 
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8. The traffic manager of claim 1 , wherein the at least one policy includes 
requiring authorization by a human operator for invocation of the at least one service. 

9. The traffic manager of claim 1 , wherein the at least one policy includes 
5 mapping an organizational role to a person. 

10. The traffic manager of claim 9, wherein the mapping of the organizational role 
to the person is done using an LDAP directory associated with the distributed 
computing environment. 




JS 11. The traffic manager of claim 1 , wherein the at least one policy is a security 
policy. 

.rr 1 2. The traffic manager of claim 1 1 , wherein the security policy is associated with 
- 15 encryption or decryption of at least a portion of data which is exchanged between the 
Iflj client and the server. 

_ 

13 1 3. The traffic manager of claim 1 1 , wherein the security policy is associated with 
generating or verifying at least one digital signature for at least one portion of data 
20 which is exchanged between the client and the server. 

14. The traffic manager of claim 1 1 , wherein the security policy is associated with 
protection against service attacks. 

25 1 5. The traffic manager of claim 1 , wherein the at least one policy is associated 
with enforcing policies with respect to publication or access to the first or second 
interfaces. 

16. The traffic manager of claim 1 , wherein the at least one policy is associated 
30 with review of data communicated between the server and client nodes. 

17. A traffic manager for facilitating communication between a plurality of nodes in 
a distributed computing environment, each of the nodes having a primary interface 
associated therewith, the traffic manager comprising a central processing unit which 
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is operable to generate and publish a plurality of intermediate interfaces each of 
which corresponds to one of the primary interfaces, each of the intermediate 
interfaces being generated according to at least one policy and allowing each of the 
nodes to access at least one service on at least one other one of the nodes. 

5 

1 8. The traffic manager of claim 17, wherein the primary and intermediate 
interfaces comprise of at least one Simple Object Access Protocol (SOAP) interface. 

19. The traffic manager of claim 18, wherein the at least one SOAP interface 
MO employs Extensible Markup Language (XML). 

20. The traffic manager of claim 1 8, wherein each of the primary and intermediate 
111 interfaces has a description language file associated therewith defining the 

f1 associated interface. 
" 15 

.£ s 

«5SS 

fy 21 . The traffic manager of claim 17, wherein the primary interface corresponds to 
fr one of HTTP, TCP, HTTPS, HTTPR, and MQ. 

i; - 

22. The traffic manager of claim 1 7, wherein the distributed computing 

20 environment includes a network corresponding to a single enterprise including the 
server node and wherein the client node is external to the network, 

23. The traffic manager of claim 17, wherein the distributed computing 
environment includes a network corresponding to a single enterprise and including 

25 both the client and server nodes. 

24. The traffic manager of claim 17, wherein the at least one policy includes 
requiring authorization by a human operator for invocation of the at least one service. 

30 25. The traffic manager of claim 17, wherein the at least one policy includes 
mapping an organizational role to a person. 
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26. The traffic manager of claim 25, wherein the mapping of the organizational 
role to the person is done using an LDAP directory associated with the distributed 
computing environment. 

27. The traffic manager of claim 17, wherein the at least one policy is a security 
policy. 

28. The traffic manager of claim 27, wherein the security policy is associated with 
encryption or decryption of at least a portion of data which is exchanged between the 
client and the server. 

29. The traffic manager of claim 27, wherein the security policy is associated with 
generating or verifying at least one digital signature for at least one portion of data 
which is exchanged between the client and the server. 

30. The traffic manager of claim 27, wherein the security policy is associated with 
protection against service attacks. 

31 . The traffic manager of claim 1 7, wherein the at least one policy is associated 
with enforcing policies with respect to publication or access to the first or second 
interfaces. 

32. The traffic manager of claim 17, wherein the at least one policy is associated 
with review of data communicated between the server and client nodes. 

33. A traffic manager for facilitating communication between a client node and a 
server node in a distributed computing environment, the server node having a first 
SOAP interface associated therewith, the traffic manager comprising a central 
processing unit which is operable to: 

communicate with the server node via the first SOAP interface, 
generate and publish a second SOAP interface corresponding to the first 
SOAP interface according to at least one policy, and 
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communicate with the client node via the second SOAP interface, thereby 
allowing the client node to access at least one service on the server node in 
accordance with the at least one policy. 

34. The traffic manager of claim 33, wherein the SOAP interfaces employ 
Extensible Markup Language (XML). 

35. The traffic manager of claim 34, wherein each of the first and second SOAP 

interfaces has a description language file associated therewith defining the 
associated interface. 

36. The traffic manager of claim 33, wherein the first and second SOAP interface 
corresponds to one of HTTP, TCP, HTTPS, HTTPR, and MQ. 

37. The traffic manager of claim 33, wherein the at least one policy is a security 
policy. 

38. The traffic manager of claim 37, wherein the security policy is associated with 
protection against service attacks. 

39. The traffic manager of claim 33, wherein the at least one policy is associated 
with enforcing policies with respect to publication or access to the first or second 
interfaces. 

40. The traffic manager of claim 33, wherein the at least one policy is associated 
with review of data communicated between the server and client nodes. 

41 . A traffic manager for facilitating communication between a plurality of nodes in 
a distributed computing environment, each of the nodes having a primary SOAP 
interface associated therewith, the traffic manager comprising a central processing 
unit which is operable to generate and publish a plurality of intermediate SOAP 
interfaces, each of which corresponds to one of the primary SOAP interfaces, each 
of the intermediate SOAP interfaces being generated according to at least one policy 
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and allowing each of the nodes to access at least one service on at least one other 
one of the nodes. 



42. A computer-implemented method of managing traffic between server and 
5 client programs, the method comprising: 

identifying a first SOAP interface associated with a server program; 
generating at least a second SOAP interface corresponding to the first SOAP 
interface according to at least one policy; and 

wherein the client program can use the second SOAP interface to request one 
idO or more services. 



43 fi^ method as recited in claim 42, wherein the method comprises: 
^ receiving a SOAP message through the second interface from the client 

program; and 

? 15 processing the SOAP message in accordance with at least one rule. 



44. A method as recited in claim 42, wherein the at least one policy includes 
requiring authorization by a human operator for invocation of the at least one service. 
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20 45. A method as recited in claim 42, wherein the at least one policy includes 
mapping an organizational role to a person. 

46. A method as recited in claim 42, wherein the mapping of the organizational 
role to the person is done using an LDAP directory associated with the distributed 

25 computing environment. 

47. A method as recited in claim 42, wherein the at least one policy is a security 
policy. 

30 48. A method as recited in claim 47, wherein the security policy is associated with 
encryption or decryption of at least a portion of data which is exchanged between the 
client and the server. 
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49. A method as recited in claim 47, wherein the security policy is associated with 
generating or verifying at least one digital signature for at least one portion of data 
which is exchanged between the client and the server. 

5 50. The traffic manager of claim 47, wherein the security policy is associated with 
protection against service attacks, 

51 . A method as recited in claim 42, wherein the at least one policy is associated 
with enforcing policies with respect to publication or access to the first or second 
|40 interfaces. 

1^ 52. A method as recited in claim 42, wherein the at least one policy is associated 

s fz 

ill with review of data communicated between the server and client nodes. 

:= 15 53. A computer readable medium having computer program instructions stored 
m therein for performing the method of claim 42. 

:: s 

C3 54. A computer-implemented method for facilitating communication between 

j! • 

server and client programs, the method comprising: 
20 reading a WSDL file associated with a first SOAP interface to at least one server 
program; and 

generating or publishing at least a second SOAP interface corresponding to 
the first SOAP interface in accordance with at least one policy; and 

wherein at least one client program can use the second SOAP interface to 
25 request one or more services. 

55. A method as recited in claim 54, wherein the method further comprises: 
reading a first UDDl file which lists the first SOAP interface; 

generating or publishing a second WSDL file which describes the second 
30 SOAP interface; and 

creating or updating at least one UDDl entry associated with the generated or 
published WSDL file. 
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56. A computer readable medium having computer program instructions stored 
therein for performing the method of claim 54. 

57. A computer-implemented method of processing SOAP messages, the method 
comprising; 

receiving a SOAP message; 

determining whether at least one rule is associated with the SOAP message; 

evaluating the at least one rule when the determining determines that at least 
one rule is associated with the SOAP message; and 

processing the SOAP message based on the result of the evaluating of the at 
least one rule. 
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